Cybersecurity Analyst at PFX Group
Saint-Laurent, QC H4T 1G2, Canada - Full Time

Start Date: Immediate
Expiry Date: 20 Nov, 25
Salary: 0.0
Posted On: 21 Aug, 25
Experience: 3 year(s) or above
Remote Job: Yes
Telecommute: Yes
Sponsor Visa: No
Skills: French, Vulnerability, Security Controls, Computer Science, GCIA, Privacy Regulations, Information Technology, Bilingualism, Python, English, GCIH, PowerShell, CISSP, Security Operations
Industry: Information Technology/IT

Description

About PFX™

We engineer leading fluid solutions that keep the world moving and we’re building a better future while we do it. As a vertically integrated global powerhouse, we operate 17 manufacturing facilities and 4 R&D centers across the world, delivering performance from lab to road in over 40 countries.

PFX Group™ brings together a family of trusted companies including Recochem, Prestone, Adam’s Polishes, Kost USA, Ultra Clear, POR and Auto-Chem, each with deep expertise, regional insight, and a shared commitment to engineering excellence.

From automotive and heavy-duty thermal management systems to household and industrial solutions, our products are built for performance, reliability, and a commitment to sustainability. Join us and be part of a team that’s redefining what’s possible in fluid technology.

Role Overview

The Mid-Level Cybersecurity Analyst owns the detect-to-respond lifecycle across our hybrid estate (Azure, Microsoft 365, on-prem). You will hunt, investigate and eradicate threats; engineer new controls mapped to MITRE ATT&CK® and the Cyber Kill Chain®; operationalize threat intelligence (STIX/TAXII); drive vulnerability and risk assessments; strengthen email-security defences; and mentor junior analysts while partnering with Infrastructure, Cloud, DevOps and OT teams.

Key Responsibilities

Threat Hunting, Threat Intelligence & Detection Engineering

  • Develop and tune Microsoft Sentinel analytic rules, KQL hunts and SOAR playbooks aligned to ATT&CK tactics (e.g., Initial Access, Defense Evasion).
  • Build and curate Microsoft Sentinel dashboards that surface real-time security metrics and convert them into clear, executive-ready visuals.
  • Ingest and curate feeds via STIX/TAXII; enrich events with IOCs, TTPs and campaign data; convert intelligence into new detections and weekly threat-intel digests.
  • Maintain a detection-coverage matrix and continuously reduce false-positive rates.

Incident Response & Forensics

  • Lead Tier 2/3 response using NIST 800-61 playbooks, documenting each Kill-Chain phase.
  • Contain, eradicate and recover across Azure, M365 and on-prem assets; preserve evidence and deliver root-cause analyses within 48 hours.

Vulnerability & Risk Assessments

  • Schedule and execute vulnerability scans, penetration tests and configuration reviews; correlate CVEs with ATT&CK techniques; track remediation to closure.
  • Perform formal risk assessments on new projects, third-party integrations and legacy systems; present clear risk treatment plans to stakeholders.

Email Security & Anti-Phishing

  • Manage Microsoft Defender for Office 365 policies (Safe Links, Safe Attachments, anti-phishing, DMARC, DKIM, SPF).
  • Analyze phishing simulations and real-world campaigns; adjust detection heuristics and user-awareness training materials.
  • Triage and examine complex quarantined e-mails; extract IOCs, determine threat origin, and escalate investigations when warranted.

Cloud & Identity Security

  • Harden Azure resources (VNETs, NSGs, Azure Firewall, Defender for Cloud), enforce Conditional Access, MFA and Privileged Identity Management.
  • Investigate anomalous sign-ins (token replay, MFA fatigue, impossible travel) and automate containment.

Device & Network Engineering

  • Audit Fortinet firewalls, switches and VPNs (FortiGate, FortiAnalyzer, FortiManager).

Automation & Continuous Improvement

  • Write PowerShell/Python scripts or Sentinel Logic Apps to automate enrichment (WHOIS, VirusTotal), containment and ticket creation.
  • Integrate security scanning into CI/CD (Terraform/Bicep).

Governance & Compliance

  • Align and implement controls to ISO 27001, NIST CSF, and CIS Controls v8, gathering audit evidence for SOC 2, GDPR, and PIPEDA compliance.

Required Qualifications

  • Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
  • 3 to 5 years in security operations, incident response or threat-hunting roles.
  • Hands-on expertise with Fortinet security platforms, Microsoft Sentinel, Microsoft Defender and Azure security controls.
  • Proven experience operationalizing threat-intel feeds (STIX/TAXII) and performing vulnerability and risk assessments.
  • Advanced scripting and data-query skills with PowerShell, Python, and Kusto Query Language (KQL).
  • Excellent English communication skills; French is an asset.
  • Certifications such as SC-200, CySA+, GCIA, GCIH, CISSP, CEH, OSCP, CISM.
  • Experience building SOAR playbooks, Terraform/Bicep security modules or securing OT/ICS environments.
  • Familiarity with privacy regulations (GDPR, PIPEDA, Quebec Law 25).
  • Strong proficiency in English; bilingualism is an asset.
